Technology giant Intel has been including an innovative security method in its processors for a number of years. This method works as a vault for your personal data. However, KU Leuven researchers (Belgium) have shown that the system can, in fact, be hacked using the Foreshadow attack. What’s more, information processed in cloud systems also seems to be vulnerable to this kind of attack. Intel will be releasing patches and updates to resolve the flaw in millions of processors.
Computer systems are made up of different layers, making them very complex. Every layer also contains millions of lines of computer code. As this code is still written manually, the risk for errors is significant. If such an error occurs, the entire computer system is left vulnerable to attacks. You can compare it to a skyscraper: if one of the floors becomes damaged the entire building might collapse.
Viruses exploit such errors to gain access to sensitive or personal information on the computer, from holiday pictures and passwords to business secrets. In order to protect their processors against these kind of intrusions, IT company Intel introduced an innovative technology in 2015: Intel Software Guard eXtensions (Intel SGX). This technology creates isolated environments in the computer’s memory, so-called enclaves, where data and programmes can be used securely.
“If you look at a computer system as a skyscraper, the enclaves form a vault”, explains researcher Jo Van Bulck of the Informatics Section (KU Leuven). “Even when the building collapses the vault should still guard its secrets.”
Crack the vault
“You can put personal information, such as passwords or medical data, in this vault, but there are other possibilities as well. Streaming services such as Netflix, for example, can use enclaves for copyright protection: customers may look at films, but they cannot extract the data that would enable them to make an illegal copy of these films.”
Until now, this technology seemed watertight, but KU Leuven researchers have discovered a breach. The attack they launched together with Technion – Israel Institute of Technology, University of Michigan and The University of Adelaide, called Foreshadow, shows that the content of the enclaves can be uncovered anyway.
“The attack uses speculative execution”, says researcher Raoul Strackx. “To be able to work quickly, a processor will make certain calculations in advance. If it becomes clear that the calculations retrieve information from an enclave in an unauthorised way, they are discarded. But this is where Intel SGX makes a mistake. Not all traces of the calculations are discarded, which allowed us to enter the enclave.”
The computer scientists already notified Intel of this security risk in January, ensuring the technology company had enough time to resolve the breach. An analysis performed by Intel itself also revealed that the impact of Foreshadow is even greater than expected. Not only can this kind of attack enter the enclaves, it also compromises the security of cloud platforms, which play a crucial role in our IT infrastructure. On 14 August, Intel will release an update to repair the flaw in millions of processors.
“Over the past years, researchers of KU Leuven have uncovered several important issues in our IT infrastructure”, says Professor Frank Piessens of the Department of Computer Science. “Our scientists discovered a major breach in the WIFI security in October last year, for instance. In other words, this new successful attack is more than just a stroke of luck. That is why Intel Corporation has decided to support us in the coming years to help them in their search for solutions for cybersecurity.”
More information about the research can be found here: https:/
